Posted by timothy on Sunday July 22, 2012 @06:19AM from the granular-snapshots dept.

wiredmikey writes "A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. Termineter uses the serial port connection that interacts with the meter's optical infrared interface to give the user access to the smart meter's inner workings. The user interface is much like the interface used by the Metasploit penetration testing framework. It relies on modules to extend its testing capabilities. Spencer McIntyre, a member of SecureState's Research and Innovation Team, is scheduled to demonstrate Termineter in a session 'How I Learned to Stop Worrying and Love the Smart Meter,' at Security B-Sides Vegas on July 25. The Termineter Framework can be downloaded here." As the recent lucky winner of a smart meter from the local gas company, I wish householder access to this data was easy and expected.

As someone who writes drivers for various smart meters to do AMR, I am surprised it took this long. Most protocols are childishly simple with little in the way of encryption or authentication. Often the passwords are sent in plain text. Check metering might be a simpler way to secure your meters. Catch them at it rather than get into an arms race...

Never. Our product is designed to save clients money. Basically the supply utility implements TOU tariffs and we provide data capture and analysis tools to optimize when and how they use their power. I see no moral issue with this. Besides, how is being asked to pay for your power a moral issue?

I don't think the other AC mentioned anything about paying for power being a moral issue. Peripherally it is--as in, we build huge centralized fossil fuel power plants and can't seem to make solar power work right because it works best in a decentralized (read "locally purchased hardware, non-metered use") kind of way, which would totally be disruptive to the large megacorps' government- and military-backed business plans, but that's another story and not totally relevant here.

No moral issues for us. None at all. Our client's data is their own. And can and has been used to check and audit the supply authorities meters. Their data never leaves their internal networks. Our software has saved vast amounts of money for loads of users. That is why it sells.

TOU tariffs make a lot of sense. They encourage big users to shift their load so that your house does not get cut off at peak times. Electricity generation is not the simplest thing to do. Your 30min load profile is useful for tha

Sometimes my clients' data is someone else's, but not always. Sometimes people do sub-metering to assign costs to processes in their plants. When it is sub-metering for billing, I respect the right of my client to recover costs from their sub-clients. We don't do any analysis that would infringe an individual's privacy at the moment.

You need smarter meters to handle solar panels. Existing analog meters are unable to determine if electricity is being consumed by the house or generated by it.

Rate scheduling is necessary to reduce use of expensive and dirty coal fired "peaker" plants. Encourages the home owner to do laundry at night, allows automatic shutting down of hot water heaters at peak hours, etc.

The grid itself is outdated. Power can be conserved and optimized by having monitors on the transformers and cap banks, monitoring ho

The moral issue is that you helped install a system that you stated very clearly is "childishly simple with little in the way of encryption or authentication" and these meters are responsible for a critical and potentially very expensive bill being sent to every person every month. Now a hacking framework is available, it is only a matter of time before smart meters will be hacked and people will get incorrect bills for far more than what they owed. It doesn't take a very good imagination to figure out even worse outcomes of having an easy to hack critical infrastructure. Someone could write a virus that could propagate through the smart meter network and then shut off power over a very wide area. When there are big power outages, sometimes people die.

So perhaps now the moral issue is a bit more clear? It is immoral to make critical infrastructure that is deliberately insecure.

Our product is designed to save clients money.

I can't imagine what utility you work for but it couldn't possibly be PG&E. The smart meters we have here are most decidedly NOT designed to save customers money. They were used as a backdoor way to implement "time of use" metering, so they can charge extra during peak hours. Many people I know with a smart meter have had their bill go up while their usage stayed the same. I often work from home so my bill went up fairly substantially. The other reason for the smart meters is that PG&E get to charge a percent markup for profit on "capital upgrades" so they decided "hey if we install a fancy expensive new meter on every single customer in the state we can make a huge extra pile of money!!!" So you can sell your "save the customer money" to a more gullible audience, but we aren't going to buy it here.

Firstly I don't work for a utility. I work for a company that gives companies the ability to audit utilities. Secondly, all the meters we link to are normally on an internal LAN. If someone has gotten into that, there is not much we can do. Thirdly, there is no alternative to meters with simple low security protocols on the market. We would happily support them if there were. In fact I'm looking at a "concentrator" approach that will encrypt the data. I do not work for a hardware manufacturer, so I don't co

Not really. Power generation is a complex balancing game. That information can make the grid more stable. Also if you start generating power, your dumb meter won't register it. Basically I can see why they're used by the utility, but I am not one,

Fourthly, a virus on a smart meter? Good luck with that. They're nowhere near that smart...

Good to know. Though I do know they are networked and that the utility now has the ability to shut down and restore power without sending anyone to the actual site, so I will be surprised if we don't see exploits with bad results for people in the next few years.

Fourthly, a virus on a smart meter? Good luck with that. They're nowhere near that smart...

What an incredibly naive assumption. A friend of mine audits smart meter security and occasionally speaks at Black Hat about them. Viruses can target embedded systems and can be written if the flash/update mechanism over the network is secured with "childishly simple" methods. Once compromised firmware has been distributed across the network of meters, if they happen to have a remote disconnect feature, hundreds of

Not normally. Most of the meters I deal with only accept commands through the network. You normally need an optical head to upgrade the firmware. So I suppose a virus is possible, though you'd have to spread it manually. My point anyway was, check-metering is a better solution than trying to secure the meter in an arms race. If it were me (and it isn't) I'd hijack the comms with randomly generated (within parameters) data that looks like the meter. Still they're likely to catch you on an audit, which they wo

That really depends on how the firmware security is implemented. For example, you normally need to boot a funky DOS based update program to update the BIOS on a PC, but there are programs that can do it on the running system without a reboot.

If arbitrary code can be run through an exploit, the same technique might be applicable to meters.

If that isn't possible, there could still be a problem. A recent persistent threat seen in the wild (on PCs) makes no attempt at all to preserve itself on the machine. It j

The problem is where is your attack vector? Meters are highly specialized hardware. Normally they have dual firmware and processing. The interface provided over the optical head may be quite sophisticated, but over the other ports it is on the level of Modbus (which some use). If you look at the source code linked to in the fine article, you'll see that. Some meters do not allow firmware updates. Remember these are not PCs. If the measuring firmware is offline for as long as 10 minutes (transfer the firmware ove

Perhaps you're not dealing with the meters that were 0wned in a demonstration, one after the other over the network. If so, good, those shouldn't be deployed anywhere, ever. Note that Modbus has write commands.

All I do know is that if you can transact with something, there is potential for an exploit. I also know that the mass of trojans and viruses out there so far (with the exception of stuxnet) have been benign compared to what they could have done, mostly because they have either been childish pranks or

Modbus can write to a register, which is basically a memory location. Most write commands are rejected immediately, and have strict length checks in the meters I use. Some old bugs in my driver show this quite nicely. I must check which meters were 0wned. I am not in the US, so we do use different meters, but I understand some models are worldwide. As to which meters are compromised in the US, I must confess my ignorance... But most likely prepayment meters, which I don't touch.
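The "rejected immediately, with strict length checks" behaviour the poster describes is worth seeing as code. The block below is an added example, not code from any meter vendor, from the poster's driver, or from the Termineter project: a meter-side validator for the two Modbus RTU write functions (0x06 Write Single Register, 0x10 Write Multiple Registers). The CRC-16/MODBUS checksum and the frame layouts follow the Modbus RTU specification; the writable-register map, the unit id and all sample frames are constructed for illustration. Every check runs before any register is touched, so a bad CRC, a byte count that disagrees with the register quantity, or a write aimed at a billing register is dropped with a reason.

```python
"""Meter-side validation of Modbus RTU write requests.

Added example, not from any meter vendor or from the Termineter project.
The CRC-16/MODBUS checksum and the 0x06/0x10 frame layouts follow the
Modbus RTU specification; the register map and the unit id are hypothetical.
"""

WRITE_SINGLE_REGISTER = 0x06
WRITE_MULTIPLE_REGISTERS = 0x10
MAX_RTU_FRAME = 256  # Modbus RTU ADU limit, including the CRC

# Hypothetical register map: two configuration registers accept writes,
# everything else (billing registers, load profile) is read-only.
WRITABLE_REGISTERS = {0x0100, 0x0101}


def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: init 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            if crc & 1:
                crc = (crc >> 1) ^ 0xA001
            else:
                crc >>= 1
    return crc


def build_frame(unit: int, func: int, payload: bytes) -> bytes:
    """Assemble an RTU frame: unit id, function code, payload, CRC (low byte first)."""
    body = bytes([unit, func]) + payload
    crc = crc16_modbus(body)
    return body + bytes([crc & 0xFF, crc >> 8])


def validate_write_request(frame: bytes, unit: int = 1) -> tuple:
    """Return (accepted, reason). Accepts only a well-formed write aimed
    entirely at registers the meter has declared writable."""
    # Shortest legal write is function 0x06: unit, func, addr(2), value(2), crc(2)
    if len(frame) < 8:
        return (False, "frame too short")
    if len(frame) > MAX_RTU_FRAME:
        return (False, "frame exceeds Modbus RTU maximum")
    body, crc_bytes = frame[:-2], frame[-2:]
    crc = crc16_modbus(body)
    if crc_bytes != bytes([crc & 0xFF, crc >> 8]):
        return (False, "bad CRC")
    if body[0] != unit:
        return (False, "wrong unit id")
    func = body[1]
    if func == WRITE_SINGLE_REGISTER:
        if len(frame) != 8:
            return (False, "wrong length for function 0x06")
        reg = int.from_bytes(body[2:4], "big")
        if reg not in WRITABLE_REGISTERS:
            return (False, "register 0x%04X is read-only" % reg)
        return (True, "write register 0x%04X" % reg)
    if func == WRITE_MULTIPLE_REGISTERS:
        if len(body) < 7:
            return (False, "header truncated for function 0x10")
        start = int.from_bytes(body[2:4], "big")
        qty = int.from_bytes(body[4:6], "big")
        byte_count = body[6]
        if not 1 <= qty <= 123:  # quantity limit the spec sets for 0x10
            return (False, "register quantity out of range")
        if byte_count != 2 * qty:
            return (False, "byte count does not match quantity")
        if len(body) != 7 + byte_count:
            return (False, "data length does not match byte count")
        if any(r not in WRITABLE_REGISTERS for r in range(start, start + qty)):
            return (False, "write spans read-only registers")
        return (True, "write %d registers from 0x%04X" % (qty, start))
    return (False, "function 0x%02X is not a permitted write" % func)


# Constructed frames for demonstration (not captured from any real meter)
GOOD_SINGLE = build_frame(1, WRITE_SINGLE_REGISTER, bytes([0x01, 0x00, 0x00, 0x03]))
READ_ONLY = build_frame(1, WRITE_SINGLE_REGISTER, bytes([0x00, 0x10, 0x00, 0x00]))
BAD_CRC = GOOD_SINGLE[:-1] + bytes([GOOD_SINGLE[-1] ^ 0xFF])
SHORT_COUNT = build_frame(1, WRITE_MULTIPLE_REGISTERS,
                          bytes([0x01, 0x00, 0x00, 0x02, 0x02, 0xAA, 0xBB]))
GOOD_MULTI = build_frame(1, WRITE_MULTIPLE_REGISTERS,
                         bytes([0x01, 0x00, 0x00, 0x02, 0x04, 0x00, 0x01, 0x00, 0x02]))

if __name__ == "__main__":
    for name, frame in [("good single", GOOD_SINGLE), ("read-only target", READ_ONLY),
                        ("bad crc", BAD_CRC), ("short byte count", SHORT_COUNT),
                        ("good multi", GOOD_MULTI), ("truncated", GOOD_SINGLE[:5])]:
        print(name, frame.hex(), validate_write_request(frame))
```

The ordering matters: length and CRC are checked before any field is decoded, so a truncated or corrupted frame can never drive the register logic, and the register map is a whitelist, so a new register is read-only until someone deliberately adds it.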

TOU will save money. If you want to fire up all your electric appliances during the middle of the hottest day of the year, then you are the one being irresponsible, not the utility. Since you're a PG&E customer, then how did you miss the rolling blackouts we had a decade ago, or all the coal fired plants that have to be turned on during peak hours? These plants are turned on with very fuzzy information because the grids don't have the detailed information available to even know if they're over capacity or

Real time systems design is used for countless applications, only a tiny number of which involve weapons. Smart meters are intended to save energy, there is nothing unethical about them. The pre-smart-meter technology was hopelessly archaic.

And besides this is really about stuff available on the not-too-smart meters, those that are standalone but with optical ports; as opposed to other meters which are connected to the utility back office via networking.

One of the main reasons for installing smart gas meters is to not have to deal with customers like you. The meters are accurate and can be read from a distance. Meter readers who used to read 200 to 300 meters a day can now read 3000 a day, and they don't have to deal with your fences, holly bushes, mean dogs, and bad attitude.

Doesn't help me on my job because I have to physically walk over your service line and be able to touch the meter. I check for leaks, and if I can't do my job because of the bloody obstacle course you've made your yard into, then I just write it down as uncheckable and you're on your own.

Nobody is out to cheat you. The gas company gets cheated way more often than the customer does.

One of the main reasons for installing smart gas meters is to not have to deal with customers like you. The meters are accurate and can be read from a distance. Meter readers who used to read 200 to 300 meters a day can now read 3000 a day, and they don't have to deal with your fences, holly bushes, mean dogs, and bad attitude.

Doesn't help me on my job because I have to physically walk over your service line and be able to touch the meter. I check for leaks, and if I can't do my job because of the bloody obstacle course you've made your yard into, then I just write it down as uncheckable and you're on your own.

Nobody is out to cheat you. The gas company gets cheated way more often than the customer does.

The problem I have with smart meters for gas & electricity isn't a worry about the utility company somehow "cheating" me.

It's a number of things.

First, it allows real-time rationing on an individual level, allowing for all kinds of possible discrimination and other shenanigans. For instance, you get identified at a protest against your utility company, a politician your utility company supports, or some piece of legislation, and then suddenly, and completely coincidentally of course, all sorts of bad things happen to your service and your billing.

Second, it also provides a pool of very granular and detailed data that I don't particularly care to to have in the hands of either the utility or the government/LEAs, especially without strict rules that we as citizens and consumers get to vote on. How about a spouse using the data in a divorce to prove another person was there? Or a LEA using that blip in usage when you pulled out that old broken toaster-oven/microwave/etc to try to fix it as evidence of criminal activity.

Third, it's another set of data points that allow a more thorough profiling of individual habits, schedules, and activities. It's data that's also sure to be stolen/hacked at some point, either directly from the meters or from the utility database. Hack the smart meter of somebody you don't like and get them raided by a paramilitary SWAT team looking for a grow operation, maybe even getting them or their family members killed.

Sorry that your job is difficult. However, I'm not about to allow myself to be put into the above scenarios just to make your job easier. Get another job if it's that bad.

I witnessed an old electrician use a fragment of a standard household item to mitigate his monthly payment to the electricity provider. This was 20 years ago and obviously on a dumber meter. The new meters will not stop theft, though they will change the perp's résumé from HS dropout to 'sum book larnin'.

The meter is not your property and hacking it without authorization is illegal. You don't use Metasploit on other people's systems and you shouldn't use this on the utility's meter either. Buy your own meter if you want to run some experiments.

All the meters I code software for log "incidents"..... You'll most likely get caught unless you can rewrite the log. More I can not say for legal reasons, but, that being said, it is not impossible to get around that. Mod parent up, he is correct.

Just a few posts ago you stated, "Our client's data is their own" and you seemed to imply that hacking the smart meter data to record your own usage was a good way to verify that you are being billed correctly. Now you tell us that accessing the smart meter this way is likely to get you caught. I'm a bit confused.

I am not with a utility. Utilities use logs to prove stuff. The company I work for installs separate check meters. We do not read the utilities' meters. The only people who may do that (in any country as far as I am aware) are the utilities themselves. The meters belong to them. You need a check meter approved by them to audit them. That's the breaks I'm afraid. Side note: you would not believe how often 3 phase meters are wired wrong, giving false readings which look right but over or under read 10%...
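Two posts in this thread argue for check metering over an arms race on the meter itself: the driver author's "catch them at it" comment near the top, and this one, which adds that miswired three-phase meters routinely over- or under-read by about 10% while looking plausible. The block below is an added example of what that audit looks like in code; it is not any vendor's product and not the poster's software. The interval readings are constructed, the 2% per-interval tolerance is an assumed figure rather than a metrology standard, and the two verdict classes are the author's own heuristic: a uniform offset across every interval points at wiring or ratio errors, while a few isolated intervals that disagree point at a fault or tampering during those intervals.

```python
"""Reconcile a utility meter's interval data against an independent check meter.

Added example, not from any vendor's product. Readings are constructed;
the 2% per-interval tolerance is an assumed figure, not a metrology standard.
"""

TOLERANCE = 0.02  # accept up to 2% disagreement on a single interval (assumed)

# Constructed 30-minute interval consumption in kWh from the check meter
CHECK = [1.20, 1.25, 1.18, 1.30, 1.22, 1.28]

# Three constructed utility-meter series over the same intervals
UTILITY_OK = list(CHECK)                              # agrees with the check meter
UTILITY_BIASED = [round(c * 1.10, 4) for c in CHECK]  # every interval reads 10% high
UTILITY_GAP = CHECK[:3] + [0.65] + CHECK[4:]          # one interval reads half


def deviations(utility, check):
    """Relative deviation of the utility reading from the check reading, per interval."""
    if len(utility) != len(check):
        raise ValueError("series must cover the same intervals")
    return [(u - c) / c for u, c in zip(utility, check)]


def audit(utility, check, tolerance=TOLERANCE):
    """Classify the disagreement between the two meters.

    Returns a dict with the verdict, the mean relative deviation, and the
    indices of intervals outside the tolerance."""
    devs = deviations(utility, check)
    mean = sum(devs) / len(devs)
    flagged = [i for i, d in enumerate(devs) if abs(d) > tolerance]
    if not flagged:
        return {"verdict": "agree", "mean_deviation": mean, "flagged": flagged}
    # Every interval off in the same direction by a near-constant amount is the
    # signature of a wiring or CT-ratio error rather than of tampering.
    spread = max(devs) - min(devs)
    same_direction = all((d > 0) == (mean > 0) for d in devs)
    if len(flagged) == len(devs) and same_direction and spread <= tolerance:
        verdict = "systematic_bias"
    else:
        verdict = "isolated_discrepancy"
    return {"verdict": verdict, "mean_deviation": mean, "flagged": flagged}


if __name__ == "__main__":
    for label, series in [("ok", UTILITY_OK), ("biased", UTILITY_BIASED), ("gap", UTILITY_GAP)]:
        result = audit(series, CHECK)
        print("%-7s %-21s mean %+.3f flagged %s"
              % (label, result["verdict"], result["mean_deviation"], result["flagged"]))
```

The point of the two classes is what you do next: a systematic bias is a work order for an electrician and a billing correction back to the install date, while isolated discrepancies are what the "catch them at it" approach is looking for and deserve a site visit for exactly those intervals.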

So, they'll put it on the pole then. But since any tampering would look like attempt to commit fraud, you'd be better off going solar and disconnecting. After all, if they are providing a service and you're unhappy with the terms, go elsewhere. If you can't, tough. Deal with it. And put your tinfoil hat back on, and wait for that stalker to go through millions of records to find your house. They're after you, you know...

"After all, if they are providing a service and you're unhappy with the terms, go elsewhere."

The problem is that it's effectively a government-endorsed monopoly, and solar (in most places) is not yet cost-effective.

"And put your tinfoil hat back on, and wait for that stalker to go through millions of records to find your house."

It has already been well-established that there are all kinds of things a moment-to-moment analysis of a person's electrical usage can tell about them (as long as a few other pieces of information are known). I have never seen anyone seriously attempt to dispute that. Is that what you are doing?

I did not say the power company is interested in me. We don't even have those here, but jus

I am not American, so I do not share your paranoia...:) as to moment to moment? Normally that is a 30min profile block. It isn't always read, as the billing registers are more efficient in terms of bandwidth. If there were a dispute (your TOU billing could be wrong if your meter clock is), they would need to be read. They might pull back instantaneous usage (though most small meters don't support that), but it would be stupid, as information from an area meter would be useful and faster. The American news?

Wind, diesel, gas, steam? I lived for years in a failed state. We had week-long power cuts at times. There is always an option if it is valuable enough to you. Electricity is a luxury, not a necessity. It may be a cheap luxury, but until you live an extended period without it, you probably won't understand it.

Terms of service. You want power? They put a meter on your house. They own it, you don't. Accessing it in any unauthorized manner is considered to be tampering under those TOS. You violate those TOS and you can be charged with theft of service. And they can cut your power off.

They're designed to monitor hour to hour, or quarter hour usage. Big deal. They can do that with dumb meters if they waste the time to watch. Too much data and they'll be overloaded so they're not going to go for "moment to moment".

What about other stuff? Your car can monitor where you drive, moment to moment. Take it in for service and they can theoretically figure out how you drove, safely or like a maniac, conserving fuel or wasting it, etc. Maybe even figure out when you went on vacation.

Then the utility can just remove it from your home and you can figure out how to get electricity out of the ether. This is why they have easement laws and the like. Just because it is on your property does not mean it is yours. You are also not allowed to open up a cable box on your property and give the neighborhood free cable.